Asp.net ºǫ́µ÷ÓÃjs·½·¨(ת)
1. ÓÃResponse.Write·½·¨
¡¡¡¡´úÂëÈçÏ£º
Response.Write("<script type='text/javascript'>alert("XXX");</script>");
´Ë·½·¨È±ÏݾÍÊDz»Äܵ÷Óýű¾ÎļþÖеÄ×Ô¶¨ÒåµÄº¯Êý£¬Ö»Äܵ÷ÓÃÄÚ²¿º¯Êý£¬¾ßÌåµ÷ÓÃ×Ô¶¨ÒåµÄº¯ÊýÖ»ÄÜÔÚResponse.WriteдÉϺ¯Êý¶¨ Ò壬±ÈÈç
Response.Write("<script type='text/javascript'>function myfun(){}</script>");
2.ÓÃClientScriptÀà
¡¡¡¡´úÂëÈçÏ£ºÔÚÏëµ÷ÓÃij¸öjavascript½Å±¾º¯ÊýµÄµØ·½Ìí¼Ó´úÂ룬עÒâÒª±£Ö¤MyFunÒѾÔڽű¾ÎļþÖж¨Òå¹ýÁË¡£
ClientScript.RegisterStartupScript(ClientScript.GetType(), "myscript", "<script>MyFun();</script>");
¡¡¡¡Õâ¸ö·½·¨±ÈResponse.Write¸ü·½±ãһЩ£¬¿ÉÒÔÖ±½Óµ÷Óýű¾ÎļþÖеÄ×Ô¶¨Ò庯Êý¡£
3.ÆÕͨµÄÌí¼Ó¿Ø¼þµÄAttributesÊôÐÔ
¡¡¡¡¶ÔÓÚÆÕͨ°´Å¥¾ÍÊÇ£ºButton1.Attributes.Add("onclick","MyFun();");
¡¡¡¡Ö»ÄÜÔÚOnloadÖлòÀàËÆÓÚonloadµÄ³õʼ»¯¹ý³ÌÖÐÌí¼Ó²ÅÓÐЧ¡£¶øÇÒÊÇÏÈÖ´Ðнű¾º¯Êý£¬ÎÞ·¨¸Ä±äÖ´ÐÐ˳Ðò¡£
×¢Ò⣬ÒÔÉÏËùÓз½·¨ÖУ¬ºǫ́´úÂ붼²»ÄÜÓÐת»¯µ±Ç°Ò³µÄ´úÂ룬±ÈÈçRedirectµÈ£¬Òª°Ñתҳ´úÂë·ÅÔڽű¾ÀïÃæ
Ïà¹ØÎĵµ£º
Õâ¸öÓкܶàÖÖ·½·¨ÎÒÔÚÕâÀïд¼¸¸ö°É
·½Ê½Ò»£º
ÔÚÒ³ÃæµÄPreInitʼþÖÐÖ±½ÓÉèÖ᣸÷½·¨¿ÉʵÏÖ²»Í¬Ò³Ãæ¼ÓÔز»Í¬Ö÷Ì⣬Èç¹ûҪʵÏÖÍøÕ¾ÕûÌå»»·ô£¬Ö»ÐèÒª´´½¨Ò»¸ö´ÓSystem.Web.UI.PageÀàÅÉÉúµÄ×ÓÀ࣬ÔÚ¸ÃÀàµÄPreInitʼþÖмÓÔØÌض¨Ö÷Ì⣬×îºóËùÓÐÒ³Ãæ¼Ì³Ð×Ô´ËÀ༴¿É¡£
protected override void OnPreInit(Event ......
ASP.NET ÌṩÈýÖÖÓÃÓÚÔÚ³öÏÖ´íÎóʱ²¶»ñºÍÏìÓ¦´íÎóµÄÖ÷Òª·½·¨£ºPage_Error ʼþ¡¢Application_Error ʼþÒÔ¼°Ó¦ÓóÌÐòÅäÖÃÎļþ (Web.config)¡£
Èç¹ûÄú²»µ÷Óà Server.ClearError »òÕß²¶»ñ Page_Error »ò Application_Error ʼþÖеĴíÎó£¬Ôò½«¸ù¾Ý Web.config ÎļþµÄ <customErrors> ²¿·ÖÖеÄÉèÖô¦Àí´íÎó¡£ÔÚ & ......
ʹÓà SqlDataSource ¿Ø¼þÖ»ÐèºÜÉٵĴúÂë»òÎÞÐèÈκδúÂë¼´¿É´ÓÊý¾Ý¿âÖмìË÷Êý¾Ý¡£SqlDataSource ¿Ø¼þ¿ÉÓÃÓÚÈκξßÓйØÁª ADO.NET Ìṩ³ÌÐò£¨ÔÚÅäÖÃÎļþµÄ DbProviderFactories ½ÚÖÐÅäÖ㩵ÄÊý¾Ý¿â£¬°üÀ¨ Microsoft SQL Server¡¢Oracle¡¢ODBC »ò OLE DB Êý¾Ý¿â£¨Èç Microsoft Access£©¡£ÄúÔÚÅäÖÃʱָ¶¨ SqlDataSource ʹÓõ ......
ͨ¹ýAsp.net(C#)Ó¦ÓóÌÐò¶ÁÈ¡±¾µØÉÏ´«µÄExcleÎļþ,´æ·Åµ½DataSetÖÐ,ͨ¹ýDataSetÖеķ½·¨Ö±½ÓÉú³ÉXMLÎļþ.
C# Code
if (this.FileUpload1.PostedFile != null)
{
string filename = this.FileUpl ......
